Hi [[ session.user.profile.firstName ]]

Cloud Security Alliance: CloudBytes

  • Date
  • Rating
  • Views
  • Accelerating Your Journey to Zero Trust
    Accelerating Your Journey to Zero Trust
    Christopher Scheels, Director of Product Marketing, Cyxtera Recorded: Jul 11 2019 38 mins
    Zero Trust is trending. Every expo show floor is inundated with this concept that promises to transform of corporate security from a well-known failed perimeter-centric model. In this session, we will discuss what is Zero Trust, why are enterprises adopting it to fix some of security’s biggest challenges and how to get started.
  • Does WebAuthn Signal the End of Passwords for Browsers?
    Does WebAuthn Signal the End of Passwords for Browsers?
    Pay-al Pan, Senior Solutions Engineer, Okta & James Fang, Director of Product Marketing, Okta Recorded: Jun 27 2019 48 mins
    Passwords have been the de-facto standard for authentication in the last 40 years, but end users hate them. Not to mention they aren't considered safe anymore - 81% of hacking-related account breaches leveraged weak or stolen passwords. While password + 2FA is a recommended approach by NIST, 2FA may still be hackable.

    WebAuthn promises a safer, phishing-resistant protocol and easier authentication standard for web applications. But can it live up to it's hype? Join this session to learn about WebAuthn and understand how you can build strong auth with WebAuthn into your applications.
  • The Nexus of Organized Cyber Crime and Cyber Terrorism
    The Nexus of Organized Cyber Crime and Cyber Terrorism
    Dr. Florian Huber, Research Manager at SYNYO & Mag. Bernhard Jäger, Research Manager and Department Lead at SYNYO Recorded: Jun 26 2019 62 mins
    New Services and Tools for Supporting First-line-practitioners and Law Enforcement Agencies.

    In recent years, Europe has been at increased risk of extremist violence and terrorism – from Islamic fundamentalists, far-right fascist hate groups and others, fueled by online radicalization and encrypted communication networks. At the same time, national and international law enforcement agencies are battling growing networks of organized criminals that are increasingly taking their activities online, using the notorious underground ‘dark web’ to commit illegal acts.

    Faced with these threats, the EU-funded TAKEDOWN project (https://www.takedownproject.eu) is developing tools to understand why people turn to terrorism or organized crime, and what can be done to combat the problem. Due to the increasing relevance of the cyber-domain, the project also addressed the issues of (cyber)terrorism and organized (cyber)crime and put a particular focus on the nexus or the hybrids of organized crime and terrorism. 
    The webinar, presented by the coordinator of the H2020-project TAKEDOWN, will address…
    - The outcomes of the research conducted in the project. Focusing on the main conclusions related to the nexus and the hybrids.
    - The main practical outcomes of the project the two web platforms, www.firstlinepractitioners.com (for practitioners) and www.fightcrimeterrorism.com (law enforcement agencies and solution providers)
  • 2019 Trends Report: The Zero Trust Journey
    2019 Trends Report: The Zero Trust Journey
    Kelsey Nelson, Product Marketing, Okta Recorded: Jun 20 2019 28 mins
    As your workforce becomes more distributed, security is even more critical. Protecting the network is important but it’s no longer enough to secure applications and data. That’s why adoption of a Zero Trust security framework is on the rise.

    Interested in more data on how your peers are adopting Zero Trust to protect their apps, data and distributed workforce? Join our webinar where we’ll discuss:
    - The full Zero Trust architecture and the steps to get there
    - Where organizations struggle in reaching Zero Trust and how to overcome barriers
    - Your peer’s top priorities for next year
  • 5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World
    5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World
    Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope Recorded: Jun 13 2019 54 mins
    The rapid adoption of cloud and mobile in the enterprise is powering the transformation of legacy IT systems to more modern technology and processes. The business benefits of speed and agility for the enterprise can’t be denied, but the challenge is that security is often not considered a part of this digital transformation. The result is new blind spots are introduced in this cloud- and mobile-first world and legacy security tools are ineffective when it comes to protecting your data.

    In this session, we will discuss the new blind spots that exist in today's cloud- and mobile-first world and 5 steps you can take to help ensure that your data is protected.

    Join this session to learn:

    - About new blind spots that exist in today’s cloud- and mobile-first world
    - Why legacy security tools are ineffective
    - 5 steps to covering these new blind spots
  • Securing Cloud Infrastructure with Cyber Exposure
    Securing Cloud Infrastructure with Cyber Exposure
    Nate Dyer, Product Marketing Director, Tenable Recorded: Jun 6 2019 61 mins
    Cloud is dramatically expanding your attack surface and introducing new visibility challenges into infrastructure security. Without foundational visibility, it’s nearly impossible to execute other cloud security programs supporting compliance, policy enforcement, and vulnerability remediation. Cyber Exposure is a cybersecurity discipline to provide visibility into traditional IT and cloud infrastructure to help you manage and measure cyber risk. Cyber Exposure allows you answer three fundamental questions in your cloud environment:
    - Where are we exposed?
    - What should we focus on first?
    - How are we reducing exposure over time?

    Join us as we demystify Cyber Exposure, show how it can help you secure cloud infrastructure, and provide best practices to help you get started on your Cyber Exposure journey.
  • CSA Study: Cloud Security Complexity
    CSA Study: Cloud Security Complexity
    Yitzy Tannenbaum, Product Marketing Manager at AlgoSec Recorded: Jun 4 2019 52 mins
    Cloud computing provides improved security, agility and flexibility. However, integrating this new service into legacy IT environments comes with great concern.

    The Cloud Security Alliance has recently surveyed over 700 IT and network security professionals from around the globe on security challenges in cloud environments. In this research, security, data loss and compliance were identified as the top 3 concerns when moving to the cloud. In the face of increasingly complex environments, cloud visibility and expertise are essential to ensuring a manageable, secure and fluent transition to a native cloud, hybrid or multi-cloud environment.

    In this webinar Yitzy Tannenbaum, Product Marketing Manager at AlgoSec will review and analyze the findings from the new CSA report “Cloud Security Complexity: Challenges in Managing Security in Native Hybrid and Multi-Cloud Environments”, including:

    • Types of cloud platforms being used by companies
    • Common challenges faced by companies when moving workloads to the cloud
    • The many stakeholder involved in cloud security
    • Methods of managing risk and vulnerabilities in the cloud environment
    • Causes of network or application outages and the amount of time it took to remediate
  • Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error
    Embracing the Kanyes: Fostering a Security Culture that Accepts Human Error
    Aaron Zander, Head of IT, HackerOne & Gen Buckley, Senior Analyst, Security, and Compliance, Okta Recorded: May 30 2019 44 mins
    It's easy blame employees for poor password and email hygiene, but in reality, human error isn't going to go away. Every organization will always have a "Kanye" with poor operational security and weak passwords. IT and Security teams have to acknowledge the “desire paths” across the security landscape, and ensure that we not only keep up, but facilitate ease of access while maintaining our security perimeter.

    There’s no guarantee on the tech savvy nature or level of care an employee will bring to the table, so we need to move the table closer to them and provide a safe harbor where mistakes are allowed to occur. In this session Aaron Zander, Head of IT for HackerOne, and Gen Buckley, Senior Analyst for Security and Compliance at Okta, will discuss the various ways to enable a security culture without crippling your coworkers.
  • GDPR: Data breach prevention & mitigation - Lessons learned in the past year
    GDPR: Data breach prevention & mitigation - Lessons learned in the past year
    Istvan Lám, CEO, Tresorit & Daniele Catteddu, CTO, Cloud Security Alliance Recorded: May 28 2019 61 mins
    Organizations in and outside the EU had to take significant measures to revisit the way they stored, shared and processed personal data in preparation to the entry into force of the General Data Protection Regulation (GDPR) on 25 May last year. However, compliance with the GDPR is not a tick box activity, it requires continuous evaluation of data flows in and outside the company.

    This webinar brings together Daniele Catteddu, Chief Technology Officer of the Cloud Security Alliance (CSA) and Istvan Lám, CEO of Cloud encryption company, Tresorit to discuss the key learnings since the GDPR entered into force with focus on data breach prevention and mitigation.

    The speakers will reflect, in particular, on the following aspects:
    - Key learnings from data breach notifications & fines imposed so far
    - Best practices for breach detection and reporting
    - Challenges regarding the assessment of the severity of personal data breaches
    - The most common types of data breaches and how to mitigate their impact
    - Assessment of real-case data breaches, determination of what went wrong, and discussion on the implications for compliance with the GDPR going forward
  • Scaling Cloud Forensics & Incident Response with OSQuery
    Scaling Cloud Forensics & Incident Response with OSQuery
    Sohini Mukherjee, Security Analyst & Andres Martinson, Sr. Security Engineer, Adobe Recorded: May 23 2019 50 mins
    An enterprise has a diverse environment (cloud instances, servers, workstations) in which to try and detect potential security incidents. The ability of an incident response team to work quickly and at necessary scale is imperative when incidents do unfortunately occur. After an initial compromise, attackers often move laterally in an environment, trying to establish a foothold and escalate privileges. While they try to remain stealthy, they almost always leave behind footprints. Detecting and analyzing these footprints quickly and accurately to scope the issue is critical.

    This webcast will explore a scalable approach developed by the Adobe security team that relies on open source tools like OSQuery. The goal was to develop techniques that can be leveraged to more quickly and easily investigate large groups infrastructure components for initial triage, basic forensic analysis, and to also help proactively detect threats. Attendees will learn about the techniques we developed that they can then go apply to their own environments to help with their incident response efforts in the cloud.

Embed in website or blog